aspose file tools*
The moose likes JSF and the fly likes How to restrict the direct access of folder jsf pages  in a JSFWebaplication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » JSF
Bookmark "How to restrict the direct access of folder jsf pages  in a JSFWebaplication" Watch "How to restrict the direct access of folder jsf pages  in a JSFWebaplication" New topic
Author

How to restrict the direct access of folder jsf pages in a JSFWebaplication

sridhar chowdary avulapati
Greenhorn

Joined: Mar 10, 2008
Posts: 2
Hi All,

I need help regarding restrict direct access off jsf pages in a application.

My jsf pages are placed in pages folder under Web-root directory

I want to access jsf pages throught the application flow only not direct access.

Ex: when i am enter this url in address bar http://localhost:8090/jsf/

it displays the related jsf page

but when i enter http://localhost:8090/jsf/pages/inputname.jsf at present it allowed how to restrict the direct access.

I need to restrict the direct access of jsf pages in pages foler.

I am using JBoss 5.1.

index.jsp

<html>
<body>
<jsp:forward page="/pages/inputname.jsf" />
</body>
</html>


web.xml

<?xml version="1.0"?>
<!DOCTYPE web-app PUBLIC
"-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>

<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>server</param-value>
</context-param>

<context-param>
<param-name>javax.faces.CONFIG_FILES</param-name>
<param-value>/WEB-INF/faces-config.xml</param-value>
</context-param>

<listener>
<listener-class>com.sun.faces.config.ConfigureListener</listener-class>
</listener>

<!-- Faces Servlet -->
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup> 1 </load-on-startup>
</servlet>


<!-- Faces Servlet Mapping -->
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.jsf</url-pattern>
</servlet-mapping>

</web-app>


faces-config.xml


<?xml version="1.0"?>
<!DOCTYPE faces-config PUBLIC
"-//Sun Microsystems, Inc.//DTD JavaServer Faces Config 1.1//EN"
"http://java.sun.com/dtd/web-facesconfig_1_1.dtd">

<faces-config>
<navigation-rule>
<from-view-id>/pages/inputname.jsp</from-view-id>
<navigation-case>
<from-outcome>greeting</from-outcome>
<to-view-id>/pages/greeting.jsp</to-view-id>
</navigation-case>
</navigation-rule>
<managed-bean>
<managed-bean-name>personBean</managed-bean-name>
<managed-bean-class>jsfks.PersonBean</managed-bean-class>
<managed-bean-scope>request</managed-bean-scope>
</managed-bean>
</faces-config>


Please help me.

Regards,
Sridhar









Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16145
    
  21

All URL requests are "direct access" whether you type them in via the browser's navigation bar, they come in via AJAX, or an HTML GET/POST request. The server has no way of knowing the ultimate origin of a URL request.

So in that sense, you can't do anything.

However, if the idea is to preserve a workflow, you can verify the context at each stage to ensure that the preceding stages were satisfied and redirect back to the start page if they weren't.


Customer surveys are for companies who didn't pay proper attention to begin with.
rudresh kumar
Ranch Hand

Joined: Jan 04, 2006
Posts: 83
Hi,

You can place /pages folder under WEB-INF folder.

resources under WEB-INF cannot be accessed directly

Thanks
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: How to restrict the direct access of folder jsf pages in a JSFWebaplication